Bash Profile Updates

Do not add interactive commands such as oraenv, or commands that might return an error or warning message, to the .bash_profile file for the grid or oracle users. Adding such commands can prevent Database service operations from functioning properly.

Essential Firewall Rules

For a 1-node DB system or 2-node RAC DB system, do not remove or modify the following firewall rules in /etc/sysconfig/iptables:

The firewall rules for ports 1521, 7070, and 7060 allow the Database service to manage the DB system. Removing or modifying them can result in the Database Service no longer operating properly.

The firewall rules for 169.254.0.2:3260 and 169.254.0.3:80 prevent non-root users from escalating privileges and tampering with the system’s boot volume and boot process. Removing or modifying these rules can allow non-root users to modify the system's boot volume.

OS Updates

Before you update the OS, review the following important guidelines and information:

Back up your DB system's databases prior to attempting an OS update.

Do not remove packages from a DB system. However, you might have to remove custom RPMs (packages that were installed after the system was provisioned) for the update to complete successfully.

Warning

Do not install NetworkManager on the DB system. Installing this
package and rebooting the system results in severe loss of access to the system.

Oracle recommends that you test any updates thoroughly before updating a production system.

The image used to launch a DB system is updated regularly with the necessary patches. After you launch a DB system, you are responsible for applying the required OS security updates published through the Oracle public YUM server.

To apply OS updates, the DB system's A virtual version of a traditional network—including CIDRs, subnets, route tables, and gateways—on which your instance runs. must be configured to allow access to the YUM repository. For more information, see Network Setup for DB Systems.